Struct ClientConnection

pub struct ClientConnection {
    inner: ConnectionCommon<ClientConnectionData>,
}

A QUIC client connection.

Fields

inner: ConnectionCommon<ClientConnectionData>

Implementations

impl ClientConnection

pub fn new( config: Arc<ClientConfig>, quic_version: Version, name: ServerName<'static>, params: Vec<u8>, ) -> Result<Self, Error>

Make a new QUIC ClientConnection.

This differs from ClientConnection::new() in that it takes an extra params argument, which contains the TLS-encoded transport parameters to send.

pub fn is_early_data_accepted(&self) -> bool

Returns True if the server signalled it will process early data.

If you sent early data and this returns false at the end of the handshake then the server will not process the data. This is not an error, but you may wish to resend the data.

Methods from Deref<Target = ConnectionCommon<ClientConnectionData>>

pub fn quic_transport_parameters(&self) -> Option<&[u8]>

Return the TLS-encoded transport parameters for the session’s peer.

While the transport parameters are technically available prior to the completion of the handshake, they cannot be fully trusted until the handshake completes, and reliance on them should be minimized. However, any tampering with the parameters will cause the handshake to fail.

pub fn zero_rtt_keys(&self) -> Option<DirectionalKeys>

Compute the keys for encrypting/decrypting 0-RTT packets, if available

pub fn read_hs(&mut self, plaintext: &[u8]) -> Result<(), Error>

Consume unencrypted TLS handshake data.

Handshake data obtained from separate encryption levels should be supplied in separate calls.

pub fn write_hs(&mut self, buf: &mut Vec<u8>) -> Option<KeyChange>

Emit unencrypted TLS handshake data.

When this returns Some(_), the new keys must be used for future handshake data.

pub fn alert(&self) -> Option<AlertDescription>

Emit the TLS description code of a fatal alert, if one has arisen.

Check after read_hs returns Err(_).

Methods from Deref<Target = CommonState>

pub fn wants_write(&self) -> bool

Returns true if the caller should call Connection::write_tls as soon as possible.

pub fn is_handshaking(&self) -> bool

Returns true if the connection is currently performing the TLS handshake.

During this time plaintext written to the connection is buffered in memory. After Connection::process_new_packets() has been called, this might start to return false while the final handshake packets still need to be extracted from the connection’s buffers.

pub fn peer_certificates(&self) -> Option<&[CertificateDer<'static>]>

Retrieves the certificate chain or the raw public key used by the peer to authenticate.

The order of the certificate chain is as it appears in the TLS protocol: the first certificate relates to the peer, the second certifies the first, the third certifies the second, and so on.

When using raw public keys, the first and only element is the raw public key.

This is made available for both full and resumed handshakes.

For clients, this is the certificate chain or the raw public key of the server.

For servers, this is the certificate chain or the raw public key of the client, if client authentication was completed.

The return value is None until this value is available.

Note: the return type of the ‘certificate’, when using raw public keys is CertificateDer<'static> even though this should technically be a SubjectPublicKeyInfoDer<'static>. This choice simplifies the API and ensures backwards compatibility.

pub fn alpn_protocol(&self) -> Option<&[u8]>

Retrieves the protocol agreed with the peer via ALPN.

A return value of None after handshake completion means no protocol was agreed (because no protocols were offered or accepted by the peer).

pub fn negotiated_cipher_suite(&self) -> Option<SupportedCipherSuite>

Retrieves the ciphersuite agreed with the peer.

This returns None until the ciphersuite is agreed.

pub fn negotiated_key_exchange_group( &self, ) -> Option<&'static dyn SupportedKxGroup>

Retrieves the key exchange group agreed with the peer.

This function may return None depending on the state of the connection, the type of handshake, and the protocol version.

If CommonState::is_handshaking() is true this function will return None. Similarly, if the CommonState::handshake_kind() is HandshakeKind::Resumed and the CommonState::protocol_version() is TLS 1.2, then no key exchange will have occurred and this function will return None.

pub fn protocol_version(&self) -> Option<ProtocolVersion>

Retrieves the protocol version agreed with the peer.

This returns None until the version is agreed.

pub fn handshake_kind(&self) -> Option<HandshakeKind>

Which kind of handshake was performed.

This tells you whether the handshake was a resumption or not.

This will return None before it is known which sort of handshake occurred.

pub(crate) fn is_tls13(&self) -> bool

pub(crate) fn process_main_protocol<Data>( &mut self, msg: Message<'_>, state: Box<dyn State<Data>>, data: &mut Data, sendable_plaintext: Option<&mut ChunkVecBuffer>, ) -> Result<Box<dyn State<Data>>, Error>

pub(crate) fn write_plaintext( &mut self, payload: OutboundChunks<'_>, outgoing_tls: &mut [u8], ) -> Result<usize, EncryptError>

pub(crate) fn check_aligned_handshake(&mut self) -> Result<(), Error>

pub(crate) fn send_msg_encrypt(&mut self, m: PlainMessage)

Fragment m, encrypt the fragments, and then queue the encrypted fragments for sending.

fn send_appdata_encrypt( &mut self, payload: OutboundChunks<'_>, limit: Limit, ) -> usize

Like send_msg_encrypt, but operate on an appdata directly.

fn send_single_fragment(&mut self, m: OutboundPlainMessage<'_>)

fn send_plain_non_buffering( &mut self, payload: OutboundChunks<'_>, limit: Limit, ) -> usize

pub(crate) fn start_outgoing_traffic( &mut self, sendable_plaintext: &mut Option<&mut ChunkVecBuffer>, )

Mark the connection as ready to send application data.

Also flush sendable_plaintext if it is Some.

pub(crate) fn start_traffic( &mut self, sendable_plaintext: &mut Option<&mut ChunkVecBuffer>, )

Mark the connection as ready to send and receive application data.

Also flush sendable_plaintext if it is Some.

fn flush_plaintext(&mut self, sendable_plaintext: &mut ChunkVecBuffer)

Send any buffered plaintext. Plaintext is buffered if written during handshake.

fn queue_tls_message(&mut self, m: OutboundOpaqueMessage)

pub(crate) fn perhaps_write_key_update(&mut self)

pub(crate) fn send_msg(&mut self, m: Message<'_>, must_encrypt: bool)

Send a raw TLS message, fragmenting it if needed.

pub(crate) fn take_received_plaintext(&mut self, bytes: Payload<'_>)

pub(crate) fn start_encryption_tls12( &mut self, secrets: &ConnectionSecrets, side: Side, )

pub(crate) fn missing_extension(&mut self, why: PeerMisbehaved) -> Error

fn send_warning_alert(&mut self, desc: AlertDescription)

pub(crate) fn process_alert( &mut self, alert: &AlertMessagePayload, ) -> Result<(), Error>

pub(crate) fn send_cert_verify_error_alert(&mut self, err: Error) -> Error

pub(crate) fn send_fatal_alert( &mut self, desc: AlertDescription, err: impl Into<Error>, ) -> Error

pub fn send_close_notify(&mut self)

Queues a close_notify warning alert to be sent in the next Connection::write_tls call. This informs the peer that the connection is being closed.

Does nothing if any close_notify or fatal alert was already sent.

pub(crate) fn eager_send_close_notify( &mut self, outgoing_tls: &mut [u8], ) -> Result<usize, EncryptError>

fn send_warning_alert_no_log(&mut self, desc: AlertDescription)

fn check_required_size<'a>( &self, outgoing_tls: &mut [u8], fragments: impl Iterator<Item = OutboundPlainMessage<'a>>, ) -> Result<(), EncryptError>

fn write_fragments<'a>( &mut self, outgoing_tls: &mut [u8], fragments: impl Iterator<Item = OutboundPlainMessage<'a>>, ) -> usize

pub(crate) fn set_max_fragment_size( &mut self, new: Option<usize>, ) -> Result<(), Error>

pub(crate) fn get_alpn_protocol(&self) -> Option<&[u8]>

pub fn wants_read(&self) -> bool

Returns true if the caller should call Connection::read_tls as soon as possible.

If there is pending plaintext data to read with Connection::reader, this returns false. If your application respects this mechanism, only one full TLS message will be buffered by rustls.

pub(crate) fn current_io_state(&self) -> IoState

pub(crate) fn is_quic(&self) -> bool

pub(crate) fn should_update_key( &mut self, key_update_request: &KeyUpdateRequest, ) -> Result<bool, Error>

pub(crate) fn enqueue_key_update_notification(&mut self)

pub(crate) fn received_tls13_change_cipher_spec(&mut self) -> Result<(), Error>

pub(crate) fn buffer_plaintext( &mut self, payload: OutboundChunks<'_>, sendable_plaintext: &mut ChunkVecBuffer, ) -> usize

Send plaintext application data, fragmenting and encrypting it as it goes out.

If internal buffers are too small, this function will not accept all the data.

pub(crate) fn send_early_plaintext(&mut self, data: &[u8]) -> usize

fn send_plain( &mut self, payload: OutboundChunks<'_>, limit: Limit, sendable_plaintext: &mut ChunkVecBuffer, ) -> usize

Encrypt and send some plaintext data. limit controls whether the per-connection buffer limits apply.

Returns the number of bytes written from data: this might be less than data.len() if buffer limits were exceeded.

Trait Implementations

impl Debug for ClientConnection

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Deref for ClientConnection

type Target = ConnectionCommon<ClientConnectionData>

The resulting type after dereferencing.

fn deref(&self) -> &Self::Target

Dereferences the value.

impl DerefMut for ClientConnection

fn deref_mut(&mut self) -> &mut Self::Target

Mutably dereferences the value.

impl From<ClientConnection> for Connection

fn from(c: ClientConnection) -> Self

Converts to this type from the input type.